Governance

Statute

Control and risk management system

The Internal Control System (SCI) is the series of rules, procedures and organisational structures aimed to allow the identification, measurement, management and monitoring of the main corporate risks; it develops over 3 lines of defence and is sub-divided into specific areas, for each of which a Manager/Risk Owner is identified.

Control and risk management system

The Internal Control System (SCI) is the series of rules, procedures and organisational structures aimed to allow the identification, measurement, management and monitoring of the main corporate risks; it develops over 3 lines of defence and is sub-divided into specific areas, for each of which a Manager/Risk Owner is identified.

Control and risk management system

The Internal Control System (SCI) is the series of rules, procedures and organisational structures aimed to allow the identification, measurement, management and monitoring of the main corporate risks; it develops over 3 lines of defence and is sub-divided into specific areas, for each of which a Manager/Risk Owner is identified.

Ethics and conduct

Statute

The Statute of InfoCamere voted by the Extraordinary Meeting of Shareholders on 21 July 2016 is made up of a total of 33 articles subdivided as follows: .

name, headquarters, duration and object;

partnership capital and partners of the company;

Meeting of Shareholders, Board of Directors and Analogue Control Committee;

external auditing and the Board of Auditors;

financial statements;

withdrawal and exclusion of partners;

winding-up of the company;

controversies.

Meeting of Shareholders

The Meeting of Shareholders represents the totality of shareholders and carries out the tasks foreseen by law and by the Statute. In particular, the Statute sets down as being the task of the Meeting of Shareholders: (i) determination of the company's strategic directions and approval of the annual plan of actions and the budget for the following year; (ii) approval of the compulsory contributions to be made by shareholders; (iii) the purchase, sale and exchange of real estate and (iv) the acquisition and sale of holdings in companies. The Statute also establishes the rules under which the Meeting of Shareholders operates, with particular reference to the methods used to call it, how the meetings take place and the relevant quorum and quorum for passing motions.

The Meeting of Shareholders avails itself of the Analogue Control Committee.

Board of Directors

The Board of Directors, which is nominated by the Meeting of Shareholders, is responsible for operational running of the Company. The Board works to implement the corporate object in compliance with the resolutions passed by the Meeting of Shareholders and within the limits of the powers assigned it by Law and by the Statute. In particular, the Board nominates the General Manager and the Company managers.

Analogue Control Committee

The Analogue Control Committee is nominated by the Meeting of Shareholders. It supervises and controls proper implementation by the Board of Directors of the plan of actions and strategic directions, as deliberated by the Meeting of Shareholders.

Board of Auditors

The Board of Auditors, which is nominated by the Meeting of Shareholders, carries out the auditing and control activities foreseen by Law.

External Auditors

The task of external auditing is assigned, for the duration foreseen by Law, based on a resolution passed by the Meeting of Shareholders, following a reasoned proposal by the Board of Auditors, to an auditing company registered in the relevant list. Pursuant to Legislative Decree 39/2010, in the resolution passed on 23 June 2016 the Meeting of Shareholders of the Company assigned the position of external auditors for the Company for the financial years 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 to the company BDO Italia S.p.A

Supervisory Body

Nominated by the Board of Directors, it is made up of three members. It has independent power to take initiatives and control, with the task of supervising operations and compliance with the Organisation and Control Model and ensuring it is updated in compliance with the legal requirements on the administrative liability of businesses (pursuant to legislative decree 231/01); it is responsible for defining, updating and checking the contents of the Ethics code.

Manager in charge of preparing the corporate accounting documents

Nominated by the Board of Directors, subject to the compulsory opinion of the Board of Auditors, for a period not less than the period in office of the Board of Directors itself, he provides for adequate administrative and accounting procedures to draw up the financial statements. As part of the Internal Control System, he assists at the second level with the other control functions.

Control and risk management system

The Internal Control System (SCI) is the series of rules, procedures and organisational structures aimed to allow the identification, measurement, management and monitoring of the main corporate risks; it develops over 3 lines of defence and is sub-divided into specific areas, for each of which a Manager/Risk Owner is identified.

The responsibility for the third level of control is assigned to the Internal Audit structure, under the direct responsibility of the Board of Directors.

In particular, the SCI and Risk Management (GR) help ensure implementation of the corporate strategies, the effectiveness and efficiency of corporate processes, safeguarding of the corporate wealth, the reliability and integrity of accounting and management information and the compliance of operations with the rules to which the Company is subject.

The SCI and GR, therefore, play a central role in the Company organisation, contributing to the adoption of informed decisions that are in line with the propensity for risk, as well as distributing proper knowledge of risks, legal requirements and corporate values.

Ethic code

The Ethics code identifies the set of principles, values, rights and duties, as well as the rules of conduct and the responsibilities that the Company and its directors, managers, employees and associates are to comply with when carrying out their activities and when dealing with the stakeholders with whom they are required to interact on a day-to-day basis.

The set of ethical principles and values expressed in the Ethics code must be the inspiration for the actions of everybody working at the Company, taking into account the importance of the roles, the complexity of the functions and responsibilities assigned them to pursue the corporate aims.

In order to guarantee compliance with the Ethics code and its effectiveness, the Company has assigned the task of assessing to what extent the behaviour of recipients complies with the requirements of the Ethics code to a specially created internal body: this body is the Supervisory Body set up by the Company to comply with the requirements of legislative decree 231/2001 and subsequent modifications and additions.

Organisation, management and control model

Since 2009, the Company has adopted an Organisation, management and control model with the aim of setting up a structured and organic system of guidelines, rules, operating procedures and other specific aids with the purpose of providing the Company itself with an effective System that is reasonably suitable to identify and prevent any actions of significance pursuant to Legislative Decree 231/2001 and subsequent modifications and additions carried out by the Company itself or by those responsible for its management and/or supervision.

Anti-corruption plan

In line with the regulatory requirements of Law 190/2012, Legislative Decree 33/2013 and the related ANAC guidelines, the Company has adopted the Three-year Anti-Corruption Plan with the aim of ensuring implementation of the strategies to prevent and fight corruption.

Integrity pact

The Integrity Pact sets up the mutual and formal obligation between InfoCamere and economic operators, defined as the business or temporary grouping of enterprises or business consortium taking part in or being awarded the tender/negotiation procedure issued by InfoCamere, to conduct themselves according to principles of loyalty, transparency and integrity.

Privacy and security

The Company is aware of the fact that information security represents a strategic factor for its business, and that it is a distinguishing and competitive factor: in order to pursue its corporate mission and implement all the measures to safeguard corporate interests and those of its customers, it provides organisational, technical and economic resources. InfoCamere is aware of the fact that information security represents a strategic factor for the company's business, and that it is a distinguishing and competitive factor in order to pursue its corporate mission. InfoCamere implements all measures to safeguard corporate interests and those of its customers and to provide organisational, technical and economic resources in order to:

represent the superior structure for the management and disclosure of the Chamber of Commerce records system, of which it forms an integral part:

guarantee that the security policies and corporate procedures take into account commitments to customers, to guarantee the security requirements (compulsory, optional or implicit);

guarantee the compliance of processes with laws and regulations, classifying the information and establishing the right to access information according to criteria of confidentiality and based on a principle of need;

implement all the measures necessary to ensure the proper handling and integrity of the data acquired and managed on behalf of the customer;

guarantee the level of service required by customers and the availability of staff and infrastructure, and the operation of equipment;

guarantee resumption of proper resource functions in the case of critical events in terms of information availability (operating continuity), consolidating and enhancing the power of the business continuity and disaster recovery processes that are already implemented.

Health and Safety at work

The Company has set up a voluntary system for management of health and safety at work (SGSL), according to UNI-INAIL Guidelines, as foreseen by art. 30 of Legislative Decree 81/2008.

Adopting the SGSL means that it is possible to:

help improve the levels of health and safety at work;

improve the company's internal and external image;

progressively reduce the overall costs of health and safety at work, including those deriving from accidents, injuries and work-related diseases, minimising the risks to which employees or third parties (customers, suppliers, visitors, etc.) may be exposed.